People's Democracy

(Weekly Organ of the Communist Party of
India (Marxist)

Vol. XXXVI

No. 45

November 11, 2012

Is
ITU Really Threatening the Internet?

Prabir
Purkayastha

WE
have already written about the forthcoming International
Telecommunications
Union's (ITU) conference – World
Conference on
International Telecommunications (WCIT) –
that is being held after
14 years in Dubai.
It has created an enormous amount of discussions,
particularly in the
blogosphere, about threats to the Internet from the ITU.
Given that various
governments now realise the importance of internet in
today's world, how much
of the threat is real and how much of it is an
artificial hysteria whipped up
by certain countries and corporations?

A
careful examination of the proposals would show that the
hype of ITU taking
over the internet is very much a creation of certain
groups who have other
interests. This does not mean that we do not need to
protect the internet as a
space for resistance for the people. Therefore we also
need to work out what
should be the scope of ITU and limit ITU to this scope
only.

Unfortunately,
the Government of India has made its submission on the
proposals before the ITU
without any public discussions. It has held private
discussion with the
industry – read big private players – but made no
attempt to have any other
consultation. Neither political parties nor civil
society groups have been
consulted. Considering that WCIT is proposing to revise
the IT Regulations
(ITR's) and therefore involves treaty making, this kind
of secrecy does not
speak well of the government and the ministry of
communications.

One
of the campaigns that is doing the rounds is that the
internet is independent
of telecommunications,even though it
runs on the global telecommunications network and it
should be kept that way. A
part of the problem appears to be that in the US (under
Federal Communication
Commission) information services and telecommunication
services are defined as
separate services, leading to the belief amongst
American academia, activists,
experts that they are two different domains. Even
Professor Milton Mueller
(Syracuse University School of Information Studies,
USA), in his otherwise
excellent summary of issues on the Dubai
proposals argues that “telecommunications” and
“information services” are
separate. In American telecom world, telecom is
artificially restricted to mean
only voice while data communications is held to be
information services. It is
important to understand that the purpose of FCC
designating kinds of services
was a purely regulatory one – voice services were
regulated while data services
were not. What is happening here is not that ITU is
expanding its remit to the
internet but American concepts of what constitutes
telecom and the internet are
sought to be imposed on the world.

FUNDAMENTAL

ISSUE

The
fundamental issue is that data and voice communications
are both a part of
today's telecommunications and have always have been.
The internet treats
everything including voice as data and transmits it as
data packets over the
existing telecommunications infrastructure. If we see
the ITU definition of
telecommunications, it includes all forms of
signal emission,
transmission and reception. This means obviously that
there are certain parts
of internet that are very much a part of the
telecommunications. The issue of
who frames the standards for the internet and decides
its governance – ITU or
other bodies – is different from whether the internet is
independent of
telecommunications.

What
is also important to understand about the internet and
telecommunications is
what the telecommunication networks do not do. Apart
from moving the data
packets between computers the telecommunications
networks do not do anything
else. The conversion of this data to meaningful
information – processing it,
converting it and understanding its meaning is the
application and the content
layers. ITU has never been involved in the content of
the communications and
that is why application and content are squarely out of
ITU's remit. So when
looking at the current proposals, it is clear that the
issues that concern
content need to be kept out of ITU.

It
is clear today that all forms of communications – from
voice, videos, radios –
are moving to the internet. If all voice, data and
broadcasting of radio and
video signals move to internet,then all
devices may in future connect using their IP addresses –
phone numbers will
have no meaning; calling up another person may be done
by using his phone's IP
address from my IP phone and not the number.IP to IP interconnection then become the norm for
all communications.

To
argue that ITU should have no role in IP to IP
interconnection as it belongs to
the internet means the absence of a global
interconnectivity regime backed up
by an international agreement. In other words, why
bother to have an ITU at
all. An American commentator on the internet, Larry
Downs (Forbes, October 1, 2012) says this quite
openly as below:

"The
Internet revolution is quickly obsoleting old
copper-based switched telephone
networks. Once the shift to all-IP communications is
complete, the ITU will
have little left to justify its existence for another
150 years."

This
is also the AT&T's FCC submission recently –
re-classify us as information
services and wind up all the existing regulatory
obligations of our telecommunication
services. Are
we then seeing an attack
on ITU not because it wants to grab the internet but
because players in internet
space including some telcos would like to take over all
telecommunications by
calling it information services/ internet services and
getting rid of all their
current obligations such as obligation to interconnect,
common carrier
obligations, universal service obligations etc? Instead
of ITU grabbing the
internet as it is projected, are we seeing instead a
campaign to wind-up the
ITU?

Lest
I am accused of being a conspiracy theorist, it is
important to note that 15
leading American companies including AT&T,
Microsoft, Google, Verizon,
CISCO, etc., have hired Ambassador Gross's company,
Weily Rein LLP to lead a
global campaign on keeping ITU out of the internet.
Ambassador Gross is a very
well-known figure and a key player in earlier US
administrations on such matters.
He and his company are officially campaigning – along
with the US Federal Government
– of the threat of a UN takeover via the ITU of the
internet and therefore to the
world’s freedom.

CYBER

SECURITY

Much
of the literature and material that is coming out today
on these issues can be
traced to this coalition. Unfortunately, much of the
global media including the
Indian ones, pick up all this either as “paid” news or
because they are too
lazy to do their home work. The other
issue on which there is a lot of controversy is on cyber
security. This is
contentious as it can impinge on individual rights.
However, under all domestic
laws, the governments already have these powers.And if people
have any doubt that the US
behaves any
differently from the governments it condemns for
violations of freedom on the
internet, we have only to look at its powers under the
Patriot Act. All US
companies
routinely give total access to the National Security
Agency (NSA) to their data
and systems. China
has its Great Chinese Firewall. In India, we have
sections in the IT Act such
as 66A, which can be used against persons sending
innocuous cartoons or
tweeting against the rich and the powerful for offences
that carry three years
penalty, when the original “offence” – the cartoon of
Mamata Bannerjee or the
tweet against Karti Chidambaram – do not if computers
are not used.

Some
would argue that incorporating cyber security in ITU
would legitimise such
threats from nation states; it could be argued equally
plausibly we can get
better clauses in a global body than in national laws
and rules. Witness all
the Human Rights declarations at global levels which
most nation states then do
not implement.

Given
that other bodies are looking at cyber security, and
such measures can impinge
on individual freedoms and privacy, these need not be
brought under the ITR's.
However, what is being proposed in ITU is pretty
simplistic stuff. So why the
furore? Is it because the US as the global champion of
freedom is outraged on
the proposals by some countries in theITU that impinge on our individual freedoms; or
is it because ITU is
looking at what countries can do to each other's
networks and is proposing some
checks, even if relatively innocuous?

The
US
has in the past turned
down all proposals from Russia
and others for not militarising the internet, claiming
these were attempts by Russia
and China
to negate the US
lead in cyber warfare. For Russia
and China
(well as other states), ITU then becomes a platform to
raise such issues. It
was only then – in 2010 – that the US
agreed to discussions on cyber
warfare/security in the UN and such discussions are
continuing now in other
global fora.So
the practical political
method for making the US
budge on cyber warfare/internet (either governance or on
security) is to raise
it in ITU. Whether it succeeds or not, it surely pushes
the US
then start a
dialogue, even if in a different platform!

Lastly,
how much of the vitriol on cyber security is due to ITU
asking Kaspersky Labs
to analyse the problems that Iran was having and finding
out the problem.
Kaspersky traced it to Flame Virus, and its links with
Duqu and Stuxnet
viruses, both of which are now known to be US-Israeli
joint creations. By the
way, the Stuxnet infected a huge number of computers –
estimated to be more
than 80,000 – in India
also, after it went "wild".

Is
it therefore the possibility that countries under attack
by the US
and its allies could then go to ITU for help
that makes the US
see red? If ITU has no role on cyber security, then it
cannot help any country
to find out the nature of the attack against it. For
small countries under
attack, there is no other global body it can turn to if
it requires technical
help.Incidentally,
the World Summit on
Information Systems in 2005, Tunis had unanimously
designated ITU as the sole
UN agency on cyber security, so it is a little late in
the day to argue that
ITU should have nothing to do with cyber security.

I
do believe that the gravest threat we have today to the
internet is
militarising the internet and if we are not able to stop
this threat, we will
see fragmenting of the internet.India
and other countries should jointly seek to move global
compact in WCIT
declaring the internet to be a weapons free zone. This
is not the same as
incorporating some minor measures on cyber security in
ITR's but should be an
over-arching “no cyberwar pact” of the conference. The
US use of cyber weapons
against Iran was a huge mistake and all of us will pay a
price for this, if we
cannot get a global compact on this soon. The scary
figure is the estimation
that Flame virus would have taken only 100 million
dollars to develop – a big
sum for an individual or an organisation but pocket
change for a country. And
believe me, today all vital infrastructure in all
countries are run by control
systems that have "computers" embedded in them and
therefore fair
targets for such attacks – just as the centrifuges in
Natanz were.